Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026

CVE-2004-2442

Description

Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system.

Affected products

F-Secure/Anti Virus31 versions
cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*+ 30 more
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_client_security:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_server_security:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:mimesweeper:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:windows_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
F-Secure/F Secure For Firewalls
cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*
F-Secure/Internet Security2 versions
cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
F-Secure/F Secure Personal Express4 versions
cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_personal_express:5.0:*:*:*:*:*:*:*
F-Secure/Internet Gatekeeper6 versions
cpe:2.3:a:f-secure:internet_gatekeeper:2.6:*:linux:*:*:*:*:*+ 5 more
- cpe:2.3:a:f-secure:internet_gatekeeper:2.6:*:linux:*:*:*:*:*
- cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/13263/nvdPatch
www.f-secure.com/security/fsc-2004-3.shtmlnvdPatchVendor Advisory
www.securityfocus.com/bid/11732nvdPatch
www.ciac.org/ciac/bulletins/p-041.shtmlnvdVendor Advisory
www.kb.cert.org/vuls/id/968818nvdThird Party AdvisoryUS Government Resource
exchange.xforce.ibmcloud.com/vulnerabilities/18217nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.015
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000